EC-COUNCIL EC-COUNCIL Certifications 312-50V11 Questions & Answers

• Question 171:

  which type of virus can change its own code and then cipher itself multiple times as it replicates?

  A. Stealth virus

  B. Tunneling virus

  C. Cavity virus

  D. Encryption virus

  Correct Answer: A

  A stealth virus may be a sort of virus malware that contains sophisticated means of avoiding detection by antivirus software. After it manages to urge into the now- infected machine a stealth viruses hides itself by continually renaming and moving itself round the disc.Like other viruses, a stealth virus can take hold of the many parts of one's PC. When taking control of the PC and performing tasks, antivirus programs can detect it, but a stealth virus sees that coming and can rename then copy itself to a special drive or area on the disc, before the antivirus software. Once moved and renamed a stealth virus will usually replace the detected `infected' file with a clean file that doesn't trigger anti-virus detection. It's a never-ending game of cat and mouse.The intelligent architecture of this sort of virus about guarantees it's impossible to completely rid oneself of it once infected. One would need to completely wipe the pc and rebuild it from scratch to completely eradicate the presence of a stealth virus. Using regularly-updated antivirus software can reduce risk, but, as we all know, antivirus software is additionally caught in an endless cycle of finding new threats and protecting against them.

• Question 172:

  which of the following protocols can be used to secure an LDAP service against anonymous queries?

  A. SSO

  B. RADIUS

  C. WPA

  D. NTLM

  Correct Answer: B

  Remote Authentication Dial-In User Service (RADIUS) could be a networking protocols, in operation on ports 1812 and 1813, that gives centralized Authentication, Authorization, and Accounting (AAA or Triple A) management for users who connect and use a network service. RADIUS was developed by American Revolutionary leader Enterprises, Inc. in 1991 as an access server authentication and accounting protocol and later brought into the net Engineering Task Force (IETF) standards. RADIUS could be a client/server protocol that runs within the application layer, and might use either protocol or UDP as transport. Network access servers, the gateways that management access to a network, sometimes contain a RADIUS consumer element that communicates with the RADIUS server . RADIUS is commonly the back-end of alternative for 802.1X authentication moreover. The RADIUS server is sometimes a background method running on a UNIX system or Microsoft Windows server.

• Question 173:

  Attacker Rony installed a rogue access point within an organization's perimeter and attempted to intrude into its internal network. Johnson, a security auditor, identified some unusual traffic in the internal network that is aimed at cracking the authentication mechanism. He immediately turned off the targeted network and tested for any weak and outdated security mechanisms that are open to attack. What is the type of vulnerability assessment performed by johnson in the above scenario?

  A. Host-based assessment

  B. Wireless network assessment

  C. Application assessment

  D. Distributed assessment

  Correct Answer: B

• Question 174:

  What useful information is gathered during a successful Simple Mail Transfer Protocol (SMTP) enumeration?

  A. The two internal commands VRFY and EXPN provide a confirmation of valid users, email addresses, aliases, and mailing lists.

  B. Reveals the daily outgoing message limits before mailboxes are locked

  C. The internal command RCPT provides a list of ports open to message traffic.

  D. A list of all mail proxy server addresses used by the targeted host

  Correct Answer: A

• Question 175:

  CompanyXYZ has asked you to assess the security of their perimeter email gateway. From your office in New York, you craft a specially formatted email message and send it across the Internet to an employee of CompanyXYZ. The employee of CompanyXYZ is aware of your test. Your email message looks like this:

  From: [email protected]

  To: [email protected] Subject: Test message

  Date: 4/3/2017 14:37

  The employee of CompanyXYZ receives your email message.

  This proves that CompanyXYZ's email gateway doesn't prevent what?

  A. Email Masquerading

  B. Email Harvesting

  C. Email Phishing

  D. Email Spoofing

  Correct Answer: D

• Question 176:

  Jude, a pen tester, examined a network from a hacker's perspective to identify exploits and vulnerabilities accessible to the outside world by using devices such as firewalls, routers, and servers. In this process, he also estimated the threat of network security attacks and determined the level of security of the corporate network.

  What is the type of vulnerability assessment that Jude performed on the organization?

  A. External assessment

  B. Passive assessment

  C. Host-based assessment

  D. Application assessment

  Correct Answer: A

• Question 177:

  What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?

  A. Residual risk

  B. Impact risk

  C. Deferred risk

  D. Inherent risk

  Correct Answer: A

• Question 178:

  ping-* 6 192.168.0.101

  Output:

  Pinging 192.168.0.101 with 32 bytes of data:

  Reply from 192.168.0.101: bytes=32 time<1ms TTL=128

  Reply from 192.168.0.101: bytes=32 time<1ms TTL=128

  Reply from 192.168.0.101: bytes=32 time<1ms TTL=128

  Reply from 192.168.0.101: bytes=32 time<1ms TTL=128

  Reply from 192.168.0.101: bytes=32 time<1ms TTL=128

  Reply from 192.168.0.101:

  Ping statistics for 192.168.0101

  Packets: Sent = 6, Received = 6, Lost = 0 (0% loss).

  Approximate round trip times in milli-seconds:

  Minimum = 0ms, Maximum = 0ms, Average = 0ms

  What does the option * indicate?

  A. t

  B. s

  C. a

  D. n

  Correct Answer: D

• Question 179:

  Bill is a network administrator. He wants to eliminate unencrypted traffic inside his company's network. He

  decides to setup a SPAN port and capture all traffic to the datacenter. He immediately discovers

  unencrypted traffic in port UDP 161.

  what protocol is this port using and how can he secure that traffic?

  A. it is not necessary to perform any actions, as SNMP is not carrying important information.

  B. SNMP and he should change it to SNMP V3

  C. RPC and the best practice is to disable RPC completely

  D. SNMP and he should change it to SNMP v2, which is encrypted

  Correct Answer: B

  We have various articles already in our documentation for setting up SNMPv2 trap handling in Opsview, but SNMPv3 traps are a whole new ballgame. They can be quite confusing and complicated to set up the first time you go through the process, but when you understand what is going on, everything should make more sense. SNMP has gone through several revisions to improve performance and security (version 1, 2c and 3). By default, it is a UDP port based protocol where communication is based on a `fire and forget' methodology in which network packets are sent to another device, but there is no check for receipt of that packet (versus TCP port when a network packet must be acknowledged by the other end of the communication link). There are two modes of operation with SNMP ?get requests (or polling) where one device requests information from an SNMP enabled device on a regular basis (normally using UDP port 161), and traps where the SNMP enabled device sends a message to another device when an event occurs (normally using UDP port 162). The latter includes instances such as someone logging on, the device powering up or down, or a wide variety of other problems that would need this type of investigation. This blog covers SNMPv3 traps, as polling and version 2c traps are covered elsewhere in our documentation. SNMP trapsSince SNMP is primarily a UDP port based system, traps may be `lost' when sending between devices; the sending device does not wait to see if the receiver got the trap. This means if the configuration on the sending device is wrong (using the wrong receiver IP address or port) or the receiver isn't listening for traps or rejecting them out of hand due to misconfiguration, the sender will never know. The SNMP v2c specification introduced the idea of splitting traps into two types; the original `hope it gets there' trap and the newer `INFORM' traps. Upon receipt of an INFORM, the receiver must send an acknowledgement back. If the sender doesn't get the acknowledgement back, then it knows there is an existing problem and can log it for sysadmins to find when they interrogate the device.

• Question 180:

  Bob, a system administrator at TPNQM SA, concluded one day that a DMZ is not needed if he properly configures the firewall to allow access just to servers/ports, which can have direct internet access, and block the access to workstations.

  Bob also concluded that DMZ makes sense just when a stateful firewall is available, which is not the case of TPNQM SA.

  In this context, what can you say?

  A. Bob can be right since DMZ does not make sense when combined with stateless firewalls

  B. Bob is partially right. He does not need to separate networks if he can create rules by destination IPs, one by one

  C. Bob is totally wrong. DMZ is always relevant when the company has internet servers and workstations

  D. Bob is partially right. DMZ does not make sense when a stateless firewall is available

  Correct Answer: C